Configure AppLocker in Windows Server 2008 and Windows 7

TipsMake.com - The Windows Server 2008 R2 AppLocker feature allows additional Policy configuration for software used on the server.

When booting with Windows Server 2008 R2 for servers and Windows 7 for desktops, the Software Restrictions Policies feature is replaced by AppLocker. With AppLocker and Group Policy, you can determine which files are prevented from executing; These files may include scripts, installation files and standard executable files.

AppLocker's management feature is that it can be applied locally via Group Policy or GPO on the domain. AppLocker is located in Computer Configuration of Group Policy, inside Windows Setting Security Settings Application Control Policies. From there, configure AppLocker to provide an improved Group Policy configuration.

In this Group Policy section, you can perform many individual configurations, including policies that allow or deny a user or group to launch a file, perform an installation or execute a script. Besides, you can install exceptions and apply it in Active Directory. If you do not want to deny it completely, you can configure AppLocker to only check the continuous repetition of an installation file, a command or a standard executable.

AppLocker is a new feature that is not integrated on operating systems before Windows Server 2008 R2 or Windows 7. With those operating systems, you can apply Software Restriction Policies through a separate policy object group.